Botnets are very active at the moment, at least, on my server they are. Most botnet hits are unique - they switch IPs per page (in my experience).
And yes, a vast number of them come from USA, either from compromised "broadband" computers or from compromised server farms.
Also getting a lot of gootkit scans which look for a lot of specific PHP URLs (blocked a full /16 Egyptian range yesterday!) but although gootkit is a botnet "device" it seems to stay on a single IP until it gets fed up or firewalled.
Look through other recent postings in this forum for other comments on these phenomena.